Making a CaaS platform means Tenant owner Pods could run on the same node: an attacker could start a privileged one, getting root access on the machine, and obtain privilege escalation.
A document explaining how to set up a simple Pod Security Policy would be great, explaining why a Cluster Admin should deny Pods running as privileged, performing host mounts, using the host network, etc.
I'm pretty confident that Capsule is not responsible for setting this up; rather, it must be performed by the Cluster Admin.
@prometherion just started to address this issue. Following Kubernetes guidelines, we should assign the SA in the capsule-system namespace the RBAC to use a permissive PSP. This could be a prerequisite, for example, before installing Capsule in a PSP-enabled cluster.
As for tenants, we should consider the option to add a new section in the tenant manifest in order to assign a specific PSP to the tenant. Each namespace inherits the PSP grant from the tenant. It's likely that in a multi-tenant user we want to use different PSPs for different tenants. See #52
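
An added example, not part of the issue thread or of Capsule's own documentation: a restrictive PSP of the kind requested above (no privileged Pods, no host mounts, no host network), granted through RBAC to the service accounts of one tenant namespace. The names `tenant-restricted` and `tenant-namespace` are hypothetical.

```yaml
# Added example; hypothetical names. PodSecurityPolicy (policy/v1beta1) was removed in Kubernetes 1.25.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: tenant-restricted
spec:
  privileged: false                 # no privileged containers
  allowPrivilegeEscalation: false   # no gaining privileges beyond the parent process
  hostNetwork: false                # no access to the node's network namespace
  hostPID: false
  hostIPC: false
  volumes:                          # hostPath is deliberately absent: no host mounts
    - configMap
    - secret
    - emptyDir
    - projected
    - persistentVolumeClaim
  runAsUser:
    rule: MustRunAsNonRoot          # containers may not run as UID 0
  seLinux:
    rule: RunAsAny
  supplementalGroups:
    rule: RunAsAny
  fsGroup:
    rule: RunAsAny
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: psp:tenant-restricted
rules:
  - apiGroups: ["policy"]
    resources: ["podsecuritypolicies"]
    resourceNames: ["tenant-restricted"]
    verbs: ["use"]                  # "use" is the verb the PSP admission controller checks
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: psp:tenant-restricted
  namespace: tenant-namespace       # one binding per tenant namespace
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: psp:tenant-restricted
subjects:
  - kind: Group
    apiGroup: rbac.authorization.k8s.io
    name: system:serviceaccounts:tenant-namespace
```

A Pod is admitted only if its service account or the creating user is authorized to `use` some PSP that accepts it, so the tenant must not also hold a grant on a more permissive policy.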